1. Field of the Invention
This invention relates generally to email security, and more particularly to methods of detecting fraudulent email through fingerprinting techniques.
2. Background of the Invention
Businesses would like to use email to communicate with their customers, due to its low cost, speed, and conversational qualities. A major impediment to this use, however, is the perception that email is not a safe or reliable communication mechanism.
Perhaps the most common form of email fraud is “phishing,” perpetrated by individuals posing as reputable enterprises. Emails that appear to have been originated by legitimate credit card companies, banks, and online payment providers are routinely sent to unwitting email recipients. Users can be lured into divulging sensitive information which can then be leveraged to defraud the user. Customers have no way to tell whether an incoming email represents a legitimate message or a phishing attempt.
Existing mechanisms for distinguishing between fraudulent and legitimate emails have significant drawbacks. Generic authentication mechanisms such as Secure/Multipurpose Internet Mail Extensions (S/MIME) and DomainKeys Identified Mail (DKIM) are resource intensive, requiring processing on the sender and recipient sides. In addition, while such mechanisms purport to establish that a message was indeed sent by either a trusted sender or domain, they do not provide message-specific checks, and may result in false positive or false negative detection.
What is needed, therefore, are systems and methods for determining whether incoming messages are legitimate or fraudulent.